Is your data in cloud safe? Who owns the encryption keys?

Posted by Ankur Panchbudhe on March 24 2014

The proliferation of consumer mobility and increasing use of consumer file sharing apps like Dropbox has resulted in the emergence of the Enterprise File Sync and Share (EFSS) market. EFSS vendors differentiate themselves from consumer offerings by providing enterprise control – that is, allowing IT to control and monitor how the files are accessed and shared by employees.

But is this enough? What about privacy of data? Enterprises still have to rely on the vendor to ensure safety of data while on the wire (data-in-motion) and while it is stored in cloud (data-at-rest). It means that the EFSS vendor has to maintain ownership and management of keys. There are three major issues with this. One, you may be at a risk of violating regulatory compliance (data residency or data sovereignty in some geographies). Second, your data while in transit and while being stored in the cloud may be at risk from attackers. And third, you may run a risk of the vendor giving out your data to authorities without your consent.

Essentially, you may be under the illusion that you are in total control of your corporate data with controlled use of file sharing by your employees, but you are running a huge risk. The key to mitigating this risk is: “own the keys”.

Vaultize allows you to own and manage your keys through its Data Privacy Option (DPO). Vaultize’s patent pending encryption technology used in file sharing and mobility ensures that the data is encrypted (and later decrypted) only on endpoints, whether mobile or non-mobile. That means, while in transit what goes over the wire is encrypted (data-in-motion) and the data stays encrypted while on the cloud storage (data-at-rest). With DPO, you are given physical control of the encryption keys and Vaultize will never store any keys in any of its infrastructure – ensuring complete privacy and mitigation from all the three risks mentioned previously.

Additionally, Vaultize provides endpoint encryption, wiping, geo tracking and geo fencing. Endpoint encryption helps enterprises encrypt sensitive information on endpoints ensuring protection against unauthorized access and potential data leakage from lost or stolen device; and securely erase sensitive data from such a device.

Further, Vaultize offers deployment options other than public cloud. You can deploy it on-premise in a single-server or multi-server (scalable cloud environment) with different redundancy and high-availability configurations. Vaultize also offers purpose-built (industry’s first) appliance series (Cloud-in-a-box).

Under all the deployment options, you get the flexibility to choose between Vaultize’s standard storage, cloud storage options (like Amazon, Azure), your own on-premise storage within your data center and/or your private cloud storage.

So, choose Vaultize – “End-to-end Protection and Privacy”!

Topics: Miscellaneous, Features

Subscribe To The Blog